securityXspace: a blog about cyber-philosophy.
-
Tech firms “can and must” put backdoors in encryption, AG Barr says
The NSA and other government intelligence groups, including the UK’s GCHQ, have a long history of meddling in cryptographic standards, which cryptographer Prof. Matthew Green describes in great detail. In June 2004 the Dual EC-DRBG elliptic curve pseudo-random number generation algorithm appeared in drafts of ANSI X9.82. This algorithm has always been suspected…
-
Multistage Attack Delivers BillGates/Setag Backdoor, Can Turn Elasticsearch Databases into DDoS Botnet ‘Zombies’
By: Jindrich Karasek and Augusto Remillano II. Elasticsearch is no stranger to cybercriminal abuse given its popularity and use to organizations. In fact, this year’s first quarter saw a surge of attacks — whether by exploiting vulnerabilities or taking advantage of security gaps — levelled against Elasticsearch servers. Source: Multistage Attack Delivers BillGates/Setag Backdoor, Can…
-
Lancaster Uni data breach hits at least 12,500 wannabe students
Must have been the cyber security course’s day off. Lancaster University – which offers a GCHQ-accredited degree in security – has been struck by a “sophisticated and malicious phishing attack” that resulted in the leak of around 12,500 wannabe students’ personal data… Source: Lancaster Uni data breach hits at least 12,500 wannabe students
-
ProFTPD Vulnerability Can Expose Servers to Attacks
A security hole affecting the free and open source ProFTPD file transfer protocol (FTP) server can be exploited to copy files to vulnerable servers and possibly execute arbitrary code. Source: ProFTPD Vulnerability Can Expose Servers to Attacks
-
FSB hackers drop files online
A hacking group that distributed files stolen from a Russian contractor to the media last week has published some of the documents online. Source: FSB hackers drop files online
-
Building Resilience to Foreign Interference, Misinformation Activities
Original release date: July 22, 2019. As part of the effort to #Protect2020, the Cybersecurity and Infrastructure Security Agency (CISA) is working with national partners to build resilience to foreign interferences, particularly information activities (e.g., disinformation, misinformation). Source: Building Resilience to Foreign Interference, Misinformation Activities
-
Firmware Vulnerabilities Show Supply Chain Risks
A recently announced pair of vulnerabilities in server firmware could put enterprise IT at risk. Source: Firmware Vulnerabilities Show Supply Chain Risks
-
Why Rust for safe systems programming – MSRC
This is the second part of a blog post from the Microsoft Security Response Center. It examines the classes of vulnerabilities introduced in modern systems programming languages, like C/C++, and makes the case for replacing them with the Rust programming language. Read the full article: Why Rust for safe systems programming
-
Chances of destructive BlueKeep exploit rise with new explainer posted online
A security researcher has published a detailed guide that shows how to execute malicious code on Windows computers still vulnerable to the critical BlueKeep vulnerability. The move significantly lowers the bar for writing exploits that wreak the kinds of destructive attacks not seen since the…
-
We Need a Safer Systems Programming Language – MSRC
A fascinating read with great technical analysis of many memory-related security vulnerabilities. This is one of a series of blogs aimed at encouraging developers to move from C/C++ to perceived memory-safe languages, like Rust. Read the full article: We Need a Safer Systems Programming Language